• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.1043-1063
• /
• 2019

With delegating proxy to process data before outsourcing, data owners in restricted access could enjoy flexible and powerful cloud storage service for productivity, but still confront with data integrity breach. Identity-based data auditing as a critical technology, could address this security concern efficiently and eliminate complicated owners' public key certificates management issue. Recently, Yu et al. proposed an Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy Processing (https://doi.org/10.3837/tiis.2017.10.019). It aims to offer identity-based, privacy-preserving and batch auditing for multiple owners' data on different clouds, while allowing proxy processing. In this article, we first demonstrate this scheme is insecure in the sense that malicious cloud could pass integrity auditing without original data. Additionally, clouds and owners are able to recover proxy's private key and thus impersonate it to forge tags for any data. Secondly, we propose an improved scheme with provable security in the random oracle model, to achieve desirable secure identity based privacy-preserving batch public auditing with proxy processing. Thirdly, based on theoretical analysis and performance simulation, our scheme shows better efficiency over existing identity-based auditing scheme with proxy processing on single owner and single cloud effort, which will benefit secure big data storage if extrapolating in real application.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.3
• /
• pp.447-461
• /
• 2012

A social network service(SNS) is gaining popularity as a new real-time information sharing mechanism. However, the user's privacy infringement is occurred frequently because the information that is shared through a social network include the private information such as user's identity or lifestyle patterns. To resolve this problem, the research about privacy preserving data sharing in social network are being proceed actively. In this paper, we proposed the efficient scheme for privacy preserving data sharing in social network. The proposed scheme provides an efficient conjunctive keyword search functionality. And, users who granted access right to storage server can store and search data in storage server. Also,, our scheme provide join/revocation functionality suited to the characteristics of a dynamic social network.

• Journal of Information Processing Systems
• /
• v.3 no.1
• /
• pp.21-25
• /
• 2007

We propose several practical SMC protocols for privacy-preserving cooperative scientific computations. We consider two important scientific computations which involve linear equations: the linear systems of equations problem and the linear least-square problem. The protocols proposed in this paper achieve acceptable security in the sense of Du-Zhan's paradigm and t-wise collusion-resistance, and their communication complexity is O(tm), where t is a security parameter and m is the total number of participants. The complexity of our protocol is significantly better than the previous result O($m^2/{\mu}$) of [4], in which the oblivious transfer protocol is used as an important building block.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.5
• /
• pp.2768-2780
• /
• 2019

Ciphertext-policy attribute-based encryption (CP-ABE) is one of the practical technologies to share data over cloud since it can protect data confidentiality and support fine-grained access control on the encrypted data. However, most of the previous schemes only focus on data confidentiality without considering data receiver privacy preserving. Recently, Li et al.(in TIIS, 10(7), 2016.7) proposed a CP-ABE with hidden access policy and testing, where they declare their scheme achieves privacy preserving for the encryptor and decryptor, and also has high decryption efficiency. Unfortunately, in this paper, we show that their scheme fails to achieve hidden access policy at first. It means that any adversary can obtain access policy information by a simple decisional Diffie-Hellman test (DDH-test) attack. Then we give a method to overcome this shortcoming. Security and performance analyses show that the proposed scheme not only achieves the privacy protection for users, but also has higher efficiency than the original one.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.7
• /
• pp.3375-3400
• /
• 2018

With the advent of database-as-a-service (DAAS) and cloud computing, more and more data owners are motivated to outsource their data to cloud database in consideration of convenience and cost. However, it has become a challenging work to provide security to database as service model in cloud computing, because adversaries may try to gain access to sensitive data, and curious or malicious administrators may capture and leak data. In order to realize privacy preservation, sensitive data should be encrypted before outsourcing. In this paper, we present a secure and practical system over encrypted cloud data, called QSDB (queryable and secure database), which simultaneously supports SQL query operations. The proposed system can store and process the floating point numbers without compromising the security of data. To balance tradeoff between data privacy protection and query processing efficiency, QSDB utilizes three different encryption models to encrypt data. Our strategy is to process as much queries as possible at the cloud server. Encryption of queries and decryption of encrypted queries results are performed at client. Experiments on the real-world data sets were conducted to demonstrate the efficiency and practicality of the proposed system.

• Journal of the Korea Society of Computer and Information
• /
• v.23 no.11
• /
• pp.17-24
• /
• 2018

Today, we are living in the era of data and information. With the advent of Internet of Things (IoT), the popularity of social networking sites, and the development of mobile devices, a large amount of data is being produced in diverse areas. The collection of such data generated in various area is called big data. As the importance of big data grows, there has been a growing need to share big data containing information regarding an individual entity. As big data contains sensitive information about individuals, directly releasing it for public use may violate existing privacy requirements. Thus, privacy-preserving data publishing (PPDP) has been actively studied to share big data containing personal information for public use, while preserving the privacy of the individual. K-anonymity, which is the most popular method in the area of PPDP, transforms each record in a table such that at least k records have the same values for the given quasi-identifier attributes, and thus each record is indistinguishable from other records in the same class. As the size of big data continuously getting larger, there is a growing demand for the method which can efficiently anonymize vast amount of dta. Thus, in this paper, we develop an efficient k-anonymity method by using Spark distributed framework. Experimental results show that, through the developed method, significant gains in processing time can be achieved.

• International Journal of Advanced Culture Technology
• /
• v.10 no.2
• /
• pp.240-245
• /
• 2022

Because of the importance of the information, encryption algorithms are heavily used. Raw data is encrypted and secure, but problems arise when the key for decryption is exposed. In particular, large-scale Internet sites such as Facebook and Amazon suffer serious damage when user data is exposed. Recently, research into a new fourth-generation encryption technology that can protect user-related data without the use of a key required for encryption is attracting attention. Also, data clustering technology using encryption is attracting attention. In this paper, we try to reduce key exposure by using homomorphic encryption. In addition, we want to maintain privacy through similarity measurement. Additionally, holistic similarity measurements are time-consuming and expensive as the data size and scope increases. Therefore, Min-Hash has been studied to efficiently estimate the similarity between two signatures Methods of measuring similarity that have been studied in the past are time-consuming and expensive as the size and area of data increases. However, Min-Hash allowed us to efficiently infer the similarity between the two sets. Min-Hash is widely used for anti-plagiarism, graph and image analysis, and genetic analysis. Therefore, this paper reports privacy using homomorphic encryption and presents a model for efficient similarity measurement using Min-Hash.

• International journal of advanced smart convergence
• /
• v.12 no.2
• /
• pp.56-66
• /
• 2023

The goal of deep learning is to extract complex features from multidimensional data use the features to create models that connect input and output. Deep learning is a process of learning nonlinear features and functions from complex data, and the user data that is employed to train deep learning models has become the focus of privacy concerns. Companies that collect user's sensitive personal information, such as users' images and voices, own this data for indefinite period of times. Users cannot delete their personal information, and they cannot limit the purposes for which the data is used. The study has designed a deep learning method that employs privacy protection technology that uses distributed collaborative learning so that multiple participants can use neural network models collaboratively without sharing the input datasets. To prevent direct leaks of personal information, participants are not shown the training datasets during the model training process, unlike traditional deep learning so that the personal information in the data can be protected. The study used a method that can selectively share subsets via an optimization algorithm that is based on modified distributed stochastic gradient descent, and the result showed that it was possible to learn with improved learning accuracy while protecting personal information.

• Journal of the Korea Society of Computer and Information
• /
• v.25 no.4
• /
• pp.113-121
• /
• 2020

With the rapid development of information and communication technology (ICT), various sensors are being embedded in wearable devices. Consequently, these devices can continuously collect data including health data from individuals. The collected health data can be used not only for healthcare services but also for analyzing an individual's lifestyle by combining with other external data. This helps in making an individual's life more convenient and healthier. However, collecting health data may lead to privacy issues since the data is personal, and can reveal sensitive insights about the individual. Thus, in this paper, we present a method to collect an individual's health data from a smart band in a privacy-preserving manner. We leverage the local differential privacy to achieve our goal. Additionally, we propose a way to find feature points from health data. This allows for an effective trade-off between the degree of privacy and accuracy. We carry out experiments to demonstrate the effectiveness of our proposed approach and the results show that, with the proposed method, the error rate can be reduced upto 77%.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.500-503
• /
• 2008

Vehicular Ad hoc Networks have attracted extensive attentions in recent years for their promises in improving safety and enabling other value-added services. Security and privacy are two integrated issues in the deployment of vehicular networks. Privacy-preserving authentication is a key technique in addressing these two issues. We propose a hash chain based authentication protocol that preserves the user privacy. We show that the our scheme can efficiently authenticate users. Name of Our protocol is